一、实验架构图

haproxy通过ACL规则来实现智能负载均衡

当输入bbs.linux.com时，haproxy将请求转发到后端bbs服务器当输入blog.linux.com时，haproxy将请求转发到后端blog服务器前端两台haproxy服务器通过部署keepalived来实现haproxy高可用

二、准备工作

系统版本：centos7

haproxy服务器haproxy01 192.168.122.100haproxy02 192.168.122.200bbs服务器web01 192.168.122.101web02 192.168.166.102blog服务器web03 192.168.122.103web04 192.168.122.104关闭firewalld和SElinux,各主机均为固定ip

三、部署bbs服务器和blog服务器的测试页面

安装httpd并启动

[root@web01 ~]# yum install -y httpd[root@web01 ~]# echo "web01.bbs.com" >/var/www/html/index.html[root@web01 ~]# systemctl start httpd[root@web01 ~]# systemctl enable httpd

web01与web02测试页面分别为web01.bbs.com和web02.bbs.com

web03与web04测试页面分别为web03.blog.com和web04.blog.com

四、在haproxy01主机上安装haproxy,并进行配置

[root@haproxy01 ~]# yum install -y haproxy

配置文件所在位置

[root@haproxy01 ~]# rpm -qc haproxy/etc/haproxy/haproxy.cfg/etc/logrotate.d/haproxy

打开并编辑配置文件

[root@haproxy01 ~]# vim /etc/haproxy/haproxy.cfg

global        maxconn 2000        nbproc 1        user nobody        group nobody        log 127.0.0.1 local0 info        daemon        pidfile /var/run/haproxy.piddefaults        mode http        retries 3        timeout connect 5s        timeout client 10s        timeout server 30s        timeout check 2slisten admin_status        bind 0.0.0.0:9088        mode http        log 127.0.0.1 local0 err        stats refresh 30s        stats uri /haproxy-status        stats realm welcome login        stats auth admin:admin        stats hide-version        stats admin if TRUEfrontend test-proxy        bind *:80        mode http        log global        option httplog        option forwardfor        acl host_bbs hdr_dom(host) -i bbs.linux.com        acl host_blog hdr_beg(host) -i blog.        use_backend server_bbs if host_bbs        use_backend server_blog if host_blogbackend server_bbs        mode http        option redispatch        cookie SERVERID        option abortonclose        balance roundrobin        server bbs01 192.168.122.101:80 cookie bbs01 weight 3 check inter 2000 rise 1 fall 2        server bbs02 192.168.122.102:80 cookie bbs02 weight 3 check inter 2000 rise 1 fall 2backend server_blog        mode http        option redispatch        cookie SERVERID        option abortonclose        balance roundrobin        server blog01 192.168.122.103:80 cookie blog01 weight 3 check inter 2000 rise 1 fall 2        server blog02 192.168.122.104:80 cookie blog02 weight 3 check inter 2000 rise 1 fall 2

启动haproxy服务

[root@haproxy01 ~]# systemctl start haproxy[root@haproxy01 ~]# ss -antp |grep haproxyLISTEN     0      128                       *:9088                     *:*      users:(("haproxy",8742,4),("haproxy",8741,4))LISTEN     0      128                       *:80                       *:*      users:(("haproxy",8742,6),("haproxy",8741,6))

五、阶段测试

打开浏览器，通过输入bbs.linux.com,可看到web01和web02的负载均衡效果。通过输入blog.linux.com,可看到web03和web04的负载均衡效果。

六、测试访问haproxy的监控页面

七、安装配置haproxy02

软件安装方法和配置文件与haproxy01一致

[root@haproxy02 ~]# yum install -y haproxy[root@haproxy02 ~]# scp 192.168.122.100:/etc/haproxy/haproxy.cfg /etc/haproxy/[root@haproxy02 ~]# systemctl start haproxy[root@haproxy02 ~]# systemctl enable haproxy

八、配置keepalived实现haproxy高可用

分别在两台haproxy主机上安装keepalived

[root@haproxy01 ~]# yum install -y keepalivedhaproxy01主机keepalived配置文件如下[root@haproxy01 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalivedglobal_defs {   router_id haproxy01}vrrp_instance VI_1 {    state MASTER    interface eth0    virtual_router_id 80    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass redhat    }    virtual_ipaddress {        192.168.122.111    }}

[root@haproxy01 ~]# scp /etc/keepalived/keepalived.conf 192.168.122.200:/etc/keepalived/haproxy02主机keepalived配置文件如下[root@haproxy01 ~]# scp /etc/keepalived/keepalived.conf 192.168.122.200:/etc/keepalived/

! Configuration File for keepalivedglobal_defs { router_id haproxy02}vrrp_instance VI_1 {    state BACKUP    interface eth0    virtual_router_id 80    priority 50    advert_int 1    authentication {            auth_type PASS            auth_pass redhat    }    virtual_ipaddress {            192.168.122.111    }}

分别启动keepalived服务

[root@haproxy01 ~]# systemctl start keepalived[root@haproxy01 ~]# systemctl enable keepalivedln -s '/usr/lib/systemd/system/keepalived.service' '/etc/systemd/system/multi-user.target.wants/keepalived.service'[root@haproxy01 ~]# systemctl status keepalivedkeepalived.service - LVS and VRRP High Availability Monitor   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled)   Active: active (running) since 二 2018-06-05 19:56:24 CST; 33s ago Main PID: 8821 (keepalived)   CGroup: /system.slice/keepalived.service           ├─8821 /usr/sbin/keepalived -D           ├─8822 /usr/sbin/keepalived -D           └─8823 /usr/sbin/keepalived -D

[root@haproxy01 ~]# ip addr show eth02: eth0: 
    
      mtu 1500 qdisc pfifo_fast state UP qlen 1000    link/ether 52:54:00:4f:62:e6 brd ff:ff:ff:ff:ff:ff    inet 192.168.122.100/24 brd 192.168.122.255 scope global eth0       valid_lft forever preferred_lft forever    inet 192.168.122.111/32 scope global eth0       valid_lft forever preferred_lft forever    inet6 fe80::5054:ff:fe4f:62e6/64 scope link        valid_lft forever preferred_lft forever
    

[root@haproxy02 ~]# systemctl start keepalived[root@haproxy02 ~]# systemctl enable keepalivedln -s '/usr/lib/systemd/system/keepalived.service' '/etc/systemd/system/multi-user.target.wants/keepalived.service'[root@haproxy02 ~]# systemctl status keepalivedkeepalived.service - LVS and VRRP High Availability Monitor   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled)   Active: active (running) since 二 2018-06-05 19:57:24 CST; 12s ago Main PID: 8738 (keepalived)   CGroup: /system.slice/keepalived.service           ├─8738 /usr/sbin/keepalived -D           ├─8739 /usr/sbin/keepalived -D           └─8740 /usr/sbin/keepalived -D

配置haproxy的记录日志

[root@haproxy02 ~]# vim /etc/sysconfig/rsyslog

# Options for rsyslogd# Syslogd options are deprecated since rsyslog v3.# If you want to use them, switch to compatibility mode 2 by "-c 2"# See rsyslogd(8) for more detailsSYSLOGD_OPTIONS="-c 2 -r"

[root@haproxy02 ~]# vim /etc/rsyslog.conf $ModLoad imudp$UDPServerRun 514local0.*                                                /var/log/haproxy.log

[root@haproxy02 ~]# systemctl restart rsyslog.service haproxy.service[root@haproxy02 ~]# ls /var/log/anaconda  boot.log  cron   dmesg.old    lastlog  messages  rhsm    spooler   tuned  yum.logaudit     btmp      dmesg  haproxy.log  maillog  ppp       secure  tallylog  wtmp

[root@haproxy02 ~]# tail -f /var/log/haproxy.log Jun  5 20:13:58 localhost haproxy[8805]: Proxy test-proxy started.